📅 Daily Security Digest — Tuesday, June 2, 2026

🇸🇦 Saudi Cyber Daily Digest

All security vulnerabilities, threats, and news aggregated today from trusted sources — continuously updated

Tuesday, June 2, 2026 (Today) | 96 CVEs | 39 Threats | 0 News | 4 Critical | 3 CISA KEV
🛡 Security Vulnerabilities (CVE)
96 vulnerabilities
CVE-2026-7312
Progress Sitefinity Insufficiently Protected Credentials in Web Services
21:08 KSA
CRITICAL CVSS 10.0 CWE-522
CWE-522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, and 15.4.8600 to 15.4.8630 allows a remote unauthentic…
CVE-2022-0492
Linux Kernel cgroups v1 Privilege Escalation via release_agent
05:16 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Linux Kernel — CVE-2022-0492 Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for c…
CVE-2024-21182
Oracle WebLogic Server Unauthenticated Remote Code Execution via T3/IIOP
05:16 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Oracle WebLogic Server — CVE-2024-21182 Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ac…
CVE-2025-48595
Android Framework Integer Overflow Privilege Escalation (CVE-2025-48595)
05:16 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Android Framework — CVE-2025-48595 Android Framework contains an integer overflow vulnerability that allows for code execution that could allow for local privilege escalation. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cl…
CVE-2026-42184
Tauri is_local_url() Remote URL Misclassification on Windows/Android
09:36 KSA
HIGH CVSS 8.8 CWE-918
Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a flaw in Tauri's is_local_url() function causes it to incorrectly classify remote URLs as trusted local origins on Windows and Android. On these systems, Tauri maps custom URI scheme …
CVE-2026-1784
OpenShift Route HAProxy Configuration Injection via Insufficient spec.path Validation
21:08 KSA
HIGH CVSS 8.8 CWE-15
The Route OpenShift resource allows defining routes that make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document were insufficient and could allow a controlled injection of the HAProxy configuration…
CVE-2026-1829
Divi Builder Content Visibility Plugin RCE via et_pb_text Shortcode
21:08 KSA
HIGH CVSS 8.8 CWE-94
The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.02 via the 'et_pb_text' shortcode 'cvdb_content_visibility_check' parameter. This makes it possible for authenticated attackers, with Contri…
CVE-2026-7802
Frontend Admin WordPress Plugin Authorization Bypass - Admin Account Takeover
03:16 KSA
HIGH CVSS 8.8 CWE-862
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.29.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated atta…
CVE-2026-44849
Portainer EndpointSecuritySettings Bypass in Docker Swarm API
21:01 KSA
HIGH CVSS 8.8 CWE-862
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings res…
CVE-2026-7195
Progress Sitefinity Input Validation Vulnerability (CVE-2026-7195)
21:08 KSA
HIGH CVSS 8.8 CWE-20
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote unauthenticated…
CVE-2026-10002
Use-After-Free in PDFium Heap Corruption via Crafted PDF
21:01 KSA
HIGH CVSS 8.8 CWE-416
Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
CVE-2026-44848
Portainer Docker Plugin Management Authorization Bypass (CVE-2026-44848)
21:01 KSA
HIGH CVSS 8.8 CWE-862
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, the Docker plugin management endpoints (/plugins/*) w…
CVE-2026-30652
Vivotek FD8136 Buffer Overflow RCE in Admin Interface
21:08 KSA
HIGH CVSS 8.8 CWE-120
A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device.
CVE-2026-6226
WordPress Frontend Admin Plugin Unauthenticated Privilege Escalation
15:16 KSA
HIGH CVSS 8.8 CWE-269
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthenticated privilege escalation in versions up to and including 3.29.2. This is due to insecure form submission handling that accepts arbitrary form definitions from user input instead of securely loading…
CVE-2026-9009
Crawlomatic Plugin RCE via Unsanitized Shortcode Callback Attributes
09:36 KSA
HIGH CVSS 8.8 CWE-434
The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filter_content function. This is due to passing the attacker-supplied 'callback_raw' shortcode attribute directly into …
CVE-2026-9227
GutenBee Plugin Arbitrary File Upload via Double Extension Bypass
15:16 KSA
HIGH CVSS 8.8 CWE-434
The GutenBee – Gutenberg Blocks plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 2.20.1 via the gutenbee_file_and_ext_json function. This is due to a flawed strpos() substring check that only verifies whether the filename contains …
CVE-2026-7313
CWE-522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8.0.5700 to 13.3.7652
19:12 KSA
HIGH CVSS 8.7 CWE-522
CWE-522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8.0.5700 to 13.3.7652 allows a remote authenticated attacker to obtain plain-text credentials used to connect to the Sitefinity Insight service. Successful exploitation requires active inte…
CVE-2026-46820
Oracle E-Business Suite Financials Common Modules Authentication Bypass (CVE-2026-46820)
21:01 KSA
HIGH CVSS 8.5
Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compr…
CVE-2026-49120
Medplum SSRF in Subscription Worker Allows Unauthorized Internal Network Access
21:08 KSA
HIGH CVSS 8.5 CWE-918
Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHIR Subscription resources with arbitrary endpoint URLs. Attackers can point subscr…
CVE-2026-28299
SolarWinds Web Help Desk Denial-of-Service via Memory Exhaustion
21:08 KSA
HIGH CVSS 8.2 CWE-770
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory.
CVE-2026-6455
WP Contact Form 7 DB Handler CSRF-Enabled SQL Injection and File Deletion
09:36 KSA
HIGH CVSS 8.1 CWE-352
The WP Contact Form 7 DB Handler plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Deletion via SQL Injection and PHP Object Injection in versions up to and including 3.0. This is due to a missing nonce verification in the process_bulk_act…
CVE-2026-5422
Jupyter Server Path Traversal via Incomplete Root Directory Validation
21:08 KSA
HIGH CVSS 8.1 CWE-23
A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the _get_os_path() function within jupyter_server/services/contents/fileio.py. The check uses startswith(root) without appending a trailing path separator, …
CVE-2026-44654
LibreChat File Deletion Cross-Agent Integrity Violation (CVE-2026-44654)
09:16 KSA
HIGH CVSS 8.1 CWE-863
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, a shared-agent editor can delete file records through `DELETE /api/files` that the owner has reused across multiple agents. The deletion removes the file globally — …
CVE-2026-42790
Erlang OTP DNS nameConstraints Bypass via CommonName Fallback
21:01 KSA
HIGH CVSS 8.1 CWE-295
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification. Two flaws combine to allow a subordinate CA whose DNS nameConstraints are…
CVE-2026-33245
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Co
03:32 KSA
HIGH CVSS 8.0 CWE-79
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components (RSC) APIs, there is a potential client-side Cross-Site Scripting (XSS) vulnerability in the RSC redirect handling if redirects come from untrusted sou…
CVE-2026-10047
The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler
03:16 KSA
HIGH CVSS 7.8 CWE-787
The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler, implemented in napoca/kernel/handler.c. The handler uses a guest-controlled SS:SP-derived offset as an index into the 1MB RealModeMemory buffer without bounds…
CVE-2026-10046
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memor
03:16 KSA
HIGH CVSS 7.8 CWE-787
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bios_handlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlle…
CVE-2026-9804
KubeVirt virt-exportserver Path Traversal via Symbolic Links
15:16 KSA
HIGH CVSS 7.7 CWE-59
A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link (symlink) within an exported filesystem Persistent Volume Claim (…
CVE-2026-39929
Lakeside SysTrack Agent Out-of-Bounds Read DoS Vulnerability
21:01 KSA
HIGH CVSS 7.5 CWE-125
Lakeside SysTrack Agent versions prior to 11.2.1.28, 11.3.0.38, 11.4.0.24, 11.5.0.15 contain an out-of-bounds read vulnerability in the Command ID 30 UDP packet handler that allows remote attackers to crash the application by sending a specially crafted UDP packet. Attackers can …
CVE-2026-41577
authentik SAML Assertion Conditions Validation Bypass
21:08 KSA
HIGH CVSS 7.5 CWE-345
authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, the SAML source response processor (ResponseProcessor.parse()) does not validate the Conditions element on assertions. NotBefore, NotOnOrAfter, and AudienceRestriction are all ignored. This a…
CVE-2026-5073
ARMember Premium WordPress Plugin SQL Injection via AJAX order Parameter
21:08 KSA
HIGH CVSS 7.5 CWE-89
The ARMember Premium plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'arm_directory_paging_action' AJAX action in all versions up to, and including, 7.3.1. This is due to insufficient escaping on the user-supplied 'order' and 'orderby' paramet…
CVE-2026-44378
Botan Cryptography Library BER Parser Denial of Service
21:01 KSA
HIGH CVSS 7.5 CWE-407
Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser, resulting in a denial of service. Such BER encodings were accepted even in structures which are required to be encoded a…
CVE-2026-48116
AnythingLLM Command Injection via ripgrep Option Injection in Filesystem Search
21:01 KSA
HIGH CVSS 7.5 CWE-77
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, the filesystem-search-files agent skill passes its LLM-controlled pattern parameter to ripgrep as a positional argument without a -- end-of…
CVE-2026-47265
AIOHTTP Cookie Leakage via Cross-Origin Redirects (CVE-2026-47265)
21:08 KSA
HIGH CVSS 7.5 CWE-346
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, cookies set with the `cookies` parameter on requests are sent after following a cross-origin redirect. If a developer uses the `cookies` parameter on a per-request basis then …
CVE-2026-32847
DeepCode Path Traversal via Percent-Encoded Segments in SPA Route
21:01 KSA
HIGH CVSS 7.5 CWE-22
DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in new_ui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /{full_path:path} endpoint. Attackers c…
CVE-2026-44883
Portainer JWT Token Exposure via URL Query Parameter
21:01 KSA
HIGH CVSS 7.5 CWE-598
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer's authentication middleware accepts JWT bea…
CVE-2026-7797
WordPress Simply Schedule Appointments Plugin SQL Injection via REST API
15:16 KSA
HIGH CVSS 7.5 CWE-89
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'append_where_sql' parameter in all versions up to, and including, 1.6.11.8 due to insufficient escaping on the user supplie…
CVE-2026-10617
GoClaw Missing Authentication in Webhook Verification Handler
21:08 KSA
HIGH CVSS 7.3 CWE-287
A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. This affects the function resolveAuth of the file internal/http/auth.go of the component Webhook Verification Handler. The manipulation leads to missing authentication. Remote exploitation of the …
CVE-2026-9795
A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client man
04:17 KSA
HIGH CVSS 7.3 CWE-266
A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses inten…
CVE-2026-10620
SQL Injection in Student Admission System 1.0 /index.php
09:16 KSA
HIGH CVSS 7.3 CWE-74
A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack can be carried out remotely. The exploit has been published and may b…
CVE-2026-10619
sayan365 Student Management System Remote Authentication Bypass
09:16 KSA
HIGH CVSS 7.3 CWE-287
A vulnerability was detected in sayan365 student-management-system up to 7f3c9ce7d410332335c2affac93a385485051800. This impacts an unknown function. The manipulation results in improper authentication. The attack can be executed remotely. The exploit is now public and may be used…
CVE-2026-7634
SlimStat Analytics WordPress Plugin Stored XSS via User-Agent Header
09:36 KSA
HIGH CVSS 7.2 CWE-79
The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'User-Agent' header in all versions up to, and including, 5.4.11 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to in…
CVE-2026-2374
Login No Captcha reCAPTCHA Plugin Stored XSS via PHP_SELF
03:16 KSA
HIGH CVSS 7.2 CWE-79
The Login No Captcha reCAPTCHA plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `$_SERVER['PHP_SELF']` superglobal in all versions up to, and including, 1.8.0. This is due to the `authenticate()` function storing the unsanitized output of `basename($_SERV…
CVE-2026-7052
HT Contact Form WordPress Plugin Stored XSS via file_upload Parameter
09:36 KSA
HIGH CVSS 7.2 CWE-79
The HT Contact Form – Drag & Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'file_upload' parameter in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. This makes it pos…
CVE-2026-5509
Archer BE450/BE7200 v1 Authenticated Command Injection Vulnerability
21:01 KSA
HIGH CVSS 7.2 CWE-20
An authenticated command injection vulnerability exists in the Archer BE450 v1 and BE7200 v1 router that allows an administrator to execute arbitrary system commands through the web management interface. After successfully authenticating to the admin interface, an attacker can le…
CVE-2026-8035
Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service
23:16 KSA
HIGH CVSS 7.1 CWE-476
Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux.
CVE-2026-8036
NI-PAL Privilege Escalation via Improper Input Validation
09:16 KSA
HIGH CVSS 7.1 CWE-1285
Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux.
CVE-2026-44604
RPM rpmuncompress Command Injection via Unsanitized Archive Folder Names
09:36 KSA
HIGH CVSS 7.0 CWE-78
A command injection vulnerability was discovered in the `rpmuncompress` utility of RPM. When extracting certain archive formats (ZIP, 7z, GEM) to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizi…
CVE-2025-59614
Memory Corruption when sending random number generator command with insufficient output buffer size.
05:17 KSA
MEDIUM CVSS 6.7 CWE-787
Memory Corruption when sending random number generator command with insufficient output buffer size.
CVE-2025-59613
Memory Corruption when output buffer size is smaller than input buffer size during data copying operation.
05:17 KSA
MEDIUM CVSS 6.7 CWE-121
Memory Corruption when output buffer size is smaller than input buffer size during data copying operation.
CVE-2025-59612
Memory corruption in windows drivers while sending incorrect trusted application request
05:17 KSA
MEDIUM CVSS 6.7 CWE-121
Memory corruption in windows drivers while sending incorrect trusted application request
CVE-2025-59611
Memory corruption in diagnostic services due to absence of input validation
05:17 KSA
MEDIUM CVSS 6.7 CWE-787
Memory corruption in diagnostic services due to absence of input validation
CVE-2019-25716
Dräger Patient Monitor DoS via Malformed Network Packets
05:17 KSA
MEDIUM CVSS 6.5 CWE-15
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that allows remote attackers to cause the monitor to reboot by sending a malformed network packet. Attackers can repeatedly send malformed network packets to disrupt patient moni…
CVE-2026-5074
The ARMember Premium plugin for WordPress is vulnerable to SQL Injection via the 'sSortDir_0' parameter of the `get_priv
10:00 KSA
MEDIUM CVSS 6.5 CWE-89
The ARMember Premium plugin for WordPress is vulnerable to SQL Injection via the 'sSortDir_0' parameter of the `get_private_content_data` AJAX action in all versions up to, and including, 7.3.1. This is due to insufficient sanitization of the user-supplied parameter which is conc…
CVE-2025-59601
Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized
05:17 KSA
MEDIUM CVSS 6.5 CWE-1230
Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration.
CVE-2026-3871
A buffer overflow vulnerability in the UPnP DeletePortMapping() command in Zyxel VMG4005-B50B firmware versions through
10:00 KSA
MEDIUM CVSS 6.5 CWE-120
A buffer overflow vulnerability in the UPnP DeletePortMapping() command in Zyxel VMG4005-B50B firmware versions through 5.13(ABRL.5.4)C0 could allow an adjacent attacker to trigger a temporary denial-of-service (DoS) condition affecting the UPnP function of the affected device.
CVE-2026-3870
A buffer overflow vulnerability in the UPnP AddPortMapping() command in Zyxel VMG4005-B50B firmware versions through 5.1
04:48 KSA
MEDIUM CVSS 6.5 CWE-120
A buffer overflow vulnerability in the UPnP AddPortMapping() command in Zyxel VMG4005-B50B firmware versions through 5.13(ABRL.5.4)C0 could allow an adjacent attacker to trigger a temporary denial-of-service (DoS) condition affecting the UPnP function of the affected device.
CVE-2026-35718
A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allow
08:00 KSA
MEDIUM CVSS 6.5 CWE-22
A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device via sending a crafted request.
CVE-2026-1871
TP-Link Tapo C200 v5 Stack Buffer Overflow in RTSP Authentication
03:32 KSA
MEDIUM CVSS 6.5 CWE-121
TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core se…
CVE-2026-4080
The Easy Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'add_to_cart' shortcode in all v
16:10 KSA
MEDIUM CVSS 6.4 CWE-79
The Easy Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'add_to_cart' shortcode in all versions up to and including 1.8. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. Specifically, the ect…
CVE-2026-4081
The ZeM STL plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the [zemstl] shortcode in all versions
16:10 KSA
MEDIUM CVSS 6.4 CWE-79
The ZeM STL plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the [zemstl] shortcode in all versions up to and including 1.0. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes, specifically the 'url', 'col…
CVE-2026-8885
The DeMomentSomTres Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'callo
21:55 KSA
MEDIUM CVSS 6.4 CWE-79
The DeMomentSomTres Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'callout' shortcode in all versions up to, and including, 1.1.1. This is due to insufficient input sanitization and output escaping on the 'width' and 'align' shortco…
CVE-2026-3722
The Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) plugin for WordPress
21:35 KSA
MEDIUM CVSS 6.4 CWE-79
The Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the attachment metadata in all versions up to, and including, 4.9 due to insufficient input sanitization and o…
CVE-2025-59610
Memory Corruption in IOCTL Processing with Mismatched API Versions
05:17 KSA
MEDIUM CVSS 6.4 CWE-367
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer.
CVE-2026-2382
The FPW Category Thumbnails plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of
12:00 KSA
MEDIUM CVSS 6.4 CWE-79
The FPW Category Thumbnails plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the 'fpw_fs_get_file' AJAX action in all versions up to, and including, 1.9.5. This is due to insufficient input sanitization and output escaping. This makes it…
CVE-2026-10568
A vulnerability was detected in itsourcecode Fees Management System 1.0. Affected is an unknown function of the file /ma
21:35 KSA
MEDIUM CVSS 6.3 CWE-74
A vulnerability was detected in itsourcecode Fees Management System 1.0. Affected is an unknown function of the file /manage_payment.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.
CVE-2026-10581
A flaw has been found in DedeCMS 5.7.88. Affected by this vulnerability is the function base64_decode of the file /plus/
10:00 KSA
MEDIUM CVSS 6.3 CWE-918
A flaw has been found in DedeCMS 5.7.88. Affected by this vulnerability is the function base64_decode of the file /plus/download.php?open=1. This manipulation of the argument Link causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has b…
CVE-2026-10559
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the
19:28 KSA
MEDIUM CVSS 6.3 CWE-73
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed remotely. The exploit has been publis…
CVE-2026-10558
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file
17:16 KSA
MEDIUM CVSS 6.3 CWE-73
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in file inclusion. The attack can be carried out remotely. The exploit is n…
CVE-2026-10550
A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java
16:00 KSA
MEDIUM CVSS 6.3 CWE-74
A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is pos…
CVE-2026-7299
Appsmith SQL Editor Autocomplete XSS via Unsanitized Database Object Names
03:32 KSA
MEDIUM CVSS 6.3 CWE-79
Appsmith's SQL query editor autocomplete functionality fails to sanitize database object names before rendering them in innerHTML, allowing an authenticated Developer to inject persistent XSS via malicious table or column names, triggering arbitrary code execution in the sessio…
CVE-2026-10302
A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unknown function of the fil
08:00 KSA
MEDIUM CVSS 6.3 CWE-74
A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unknown function of the file /manage_fee.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published an…
CVE-2026-10297
SQL Injection in itsourcecode Fees Management System 1.0 /manage_course.php
05:17 KSA
MEDIUM CVSS 6.3 CWE-74
A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /manage_course.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available an…
CVE-2026-10296
SQL Injection in itsourcecode Fees Management System 1.0 /ajax.php
05:17 KSA
MEDIUM CVSS 6.3 CWE-74
A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed remotely. The exploit…
CVE-2026-10286
A vulnerability was found in CodeAstro Payroll System 1.0. This affects an unknown part of the file /home_employee.php.
03:33 KSA
MEDIUM CVSS 6.3 CWE-74
A vulnerability was found in CodeAstro Payroll System 1.0. This affects an unknown part of the file /home_employee.php. The manipulation of the argument emp_id results in sql injection. The attack may be performed remotely. The exploit has been made public and could be used.
CVE-2026-10662
A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The affected element i
11:48 KSA
MEDIUM CVSS 6.3 CWE-918
A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The affected element is the function requests.get of the file src/blender_mcp/server.py of the component ZIP File Handler. The manipulation of the argument zip_file_url results in se…
CVE-2026-40181
React Router Open Redirect Vulnerability via Protocol-Relative URLs
03:32 KSA
MEDIUM CVSS 6.1 CWE-601
React Router is a router for React. In versions 7.0.0 through 7.14.0 and 6.7.0 through 6.30.3, certain URLs passed to the redirect function can trigger an open redirect to an external domain due to path values starting with // being reinterpreted as protocol-relative URLs. The le…
CVE-2026-41569
authentik WS-Federation Open Redirect via Improper wreply Validation
03:32 KSA
MEDIUM CVSS 6.1 CWE-601
authentik is an open-source identity provider. Prior to version 2026.2.3, the WS-Federation provider validates the user-supplied wreply parameter using a raw string prefix check rather than proper URL parsing. An attacker who can craft a login link can supply a wreply value on a …
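The React Router and authentik entries above describe the same class of mistake: a redirect target judged as a string (a raw prefix compare on wreply, or a path that merely begins with a slash and so admits a protocol-relative `//host` value) instead of as a parsed URL. The Python below is an added illustration, not code from either project; the trusted host app.example.com, the function names and the test values are assumptions.

```python
from urllib.parse import urlsplit

# Assumption for this example: the only host users may be sent back to.
TRUSTED_HOSTS = {"app.example.com"}


def redirect_ok_naive(target: str) -> bool:
    """The fragile pattern: string tests on the raw value.

    A trusted-prefix compare accepts 'https://app.example.com.evil.example/', and a
    leading-slash test accepts '//evil.example/', which browsers read as a
    protocol-relative URL (scheme inherited from the page, host evil.example).
    """
    return target.startswith("https://app.example.com") or target.startswith("/")


def redirect_ok(target: str) -> bool:
    """Parse first, then compare scheme and host exactly.

    Backslashes are folded to slashes because browsers treat '/\\evil.example'
    like '//evil.example', whereas urlsplit alone would see it as a plain path.
    """
    candidate = target.strip().replace("\\", "/")
    parts = urlsplit(candidate)
    if not parts.scheme and not parts.netloc:
        # Same-origin relative path: exactly one leading slash, never two.
        return candidate.startswith("/") and not candidate.startswith("//")
    # Absolute URL: require https and an exact host match. parts.hostname drops
    # userinfo and port, so 'https://app.example.com@evil.example/' yields
    # 'evil.example' and is rejected rather than matched on its prefix.
    return parts.scheme == "https" and parts.hostname in TRUSTED_HOSTS


# Constructed targets: the first two are legitimate, the rest are open-redirect attempts.
CASES = {
    "/dashboard": True,
    "https://app.example.com/logout": True,
    "//evil.example/phish": False,
    "/\\evil.example/phish": False,
    "https://app.example.com.evil.example/": False,
    "https://app.example.com@evil.example/": False,
}


def compare_checks() -> dict:
    """Return {target: (naive verdict, parsed verdict)} for every constructed case."""
    return {t: (redirect_ok_naive(t), redirect_ok(t)) for t in CASES}


if __name__ == "__main__":
    for target, (naive, parsed) in compare_checks().items():
        print(f"{target!r:44} naive={naive!s:5} parsed={parsed!s:5} expected={CASES[target]}")
```

The parsed check deliberately has no "allow anything on my domain" shortcut: an allow-list of exact hosts is the only comparison that does not degrade into a prefix or suffix match.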
CVE-2026-1450
12:00 KSA
MEDIUM CVSS 6.1 CWE-79
The rognone plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mode' parameter in versions up to, and including, 0.6.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w…
CVE-2026-1451
12:00 KSA
MEDIUM CVSS 6.1 CWE-79
The rognone plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'a' parameter in versions up to, and including, 0.6.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web …
CVE-2026-2425
14:00 KSA
MEDIUM CVSS 6.1 CWE-79
The hiWeb Migration Simple plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'new_domain' parameter in all versions up to, and including, 2.0.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated atta…
CVE-2026-35212
19:17 KSA
MEDIUM CVSS 6.1 CWE-79
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Versions prior to 7.260227.0 are vulnerable to XSS in the rendering of email-message observable body data. The content of the body field isn't appropriately sanitized when being r…
CVE-2026-25861
11:48 KSA
MEDIUM CVSS 5.9 CWE-916
QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerability that allows attackers to compromise user credentials by exploiting the use of MD5 for password hashing in the Tools::encrypt() function within classes/Tools.php, which concatenat…
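The QloApps entry is truncated, so the exact construction inside Tools::encrypt() is not on this page; what the entry does state is that MD5 is used for password hashing. The Python below is an added illustration, not QloApps code, of why that matters: an unsalted fast digest falls to a precomputed dictionary, while a per-user salt plus a memory-hard KDF (scrypt from the standard library) does not. The wordlist, function names and scrypt cost parameters are assumptions chosen for a quick demo.

```python
import hashlib
import hmac
import os

# Constructed wordlist; real attacks use billions of candidates on GPUs.
WORDLIST = ["123456", "password", "qwerty", "letmein", "Summer2026!", "hunter2"]


def md5_hash(password: str) -> str:
    """The weak scheme: one fast, unsalted digest. MD5 runs at billions of guesses
    per second on commodity GPUs, and without a salt every user shares one table."""
    return hashlib.md5(password.encode()).hexdigest()


def crack_md5(stored_digest: str, wordlist=WORDLIST):
    """Dictionary attack: build the table once, then crack any leaked digest by lookup."""
    table = {md5_hash(word): word for word in wordlist}
    return table.get(stored_digest)


# Hardened scheme: random 16-byte salt per record, memory-hard KDF, constant-time verify.
# Assumed parameters for a fast demo (16 MiB); tune n/r/p to roughly 100 ms in production.
SCRYPT_PARAMS = dict(n=2 ** 14, r=8, p=1, dklen=32)


def scrypt_hash(password: str, salt: bytes = b"") -> str:
    """Return 'scrypt$<salt hex>$<digest hex>'; a fresh salt is drawn when none is given."""
    salt = salt or os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT_PARAMS)
    return f"scrypt${salt.hex()}${digest.hex()}"


def verify_scrypt(password: str, stored: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    scheme, salt_hex, digest_hex = stored.split("$")
    if scheme != "scrypt":
        return False
    recomputed = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex), **SCRYPT_PARAMS)
    # hmac.compare_digest avoids leaking how many leading bytes matched.
    return hmac.compare_digest(recomputed, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    leaked = md5_hash("hunter2")
    print("MD5 digest", leaked, "cracks to", crack_md5(leaked))
    record = scrypt_hash("hunter2")
    print("scrypt record", record[:48] + "...")
    print("verify correct:", verify_scrypt("hunter2", record), " wrong:", verify_scrypt("hunter3", record))
```

The salt is what defeats the lookup table (each user needs a separate attack), and the KDF's cost is what makes each of those attacks slow; neither property can be retrofitted onto a stored MD5 without a password reset or a wrap-and-rehash migration on next login.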
CVE-2026-41918
05:17 KSA
MEDIUM CVSS 5.7 CWE-525
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V4.0). The affected application stores sensitive information in the browser cache when an authenticated user modifies specific configurations. This could allow an authenticated attacker to ac…
CVE-2025-5085
12:00 KSA
MEDIUM CVSS 5.5 CWE-79
The WP Nano AD plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘blogrole_link’ parameter in all versions up to, and including, 1.31 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin…
CVE-2026-10688
11:48 KSA
MEDIUM CVSS 5.5 CWE-74
A vulnerability was determined in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The impacted element is the function execute_blender_code of the file /src/blender_mcp/server.py. This manipulation of the argument code causes code injection. The attack is pos…
CVE-2025-59609
Information Disclosure in MBSSID Advertisement Frame Processing
05:17 KSA
MEDIUM CVSS 5.5 CWE-126
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.
CVE-2026-5191
05:17 KSA
MEDIUM CVSS 5.4 CWE-79
The Tiled Gallery Carousel Without JetPack plugin for WordPress is vulnerable to stored cross-site scripting via the 'data-image-title' parameter in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping. This makes it possible for authe…
CVE-2026-10285
03:33 KSA
MEDIUM CVSS 5.4 CWE-266
A vulnerability has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by this issue is the function KanbanScrumHelper::recordUpdated of the file app/Helpers/KanbanScrumHelper.php of the component Ticket Handler. The manipulation leads to improper authorizat…
CVE-2026-10284
03:33 KSA
MEDIUM CVSS 5.4 CWE-266
A flaw has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by this vulnerability is the function editComment/doDeleteComment of the file app/Filament/Resources/TicketResource/Pages/ViewTicket.php of the component Livewire Handler. Executing a manipulation…
CVE-2018-25435
ZeusCart 4.0 Cross-Site Request Forgery (CSRF) Vulnerability
05:17 KSA
MEDIUM CVSS 5.3 CWE-352
ZeusCart 4.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of victims by crafting malicious requests. Attackers can deactivate customer accounts via the admin interface by tricking users into visiting attacker-…
CVE-2026-10548
16:00 KSA
MEDIUM CVSS 5.3 CWE-287
A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.23. This affects the function _sync_anthropic_entry_from_credentials_file of the file agent/credential_pool.py of the component Credential Pool Synchronization. The manipulation results in improper auth…
CVE-2026-10566
21:35 KSA
MEDIUM CVSS 5.3 CWE-20
A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.check_instruct_content of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization. The attack is restricted to local executio…
CVE-2026-10650
10:00 KSA
MEDIUM CVSS 5.3 CWE-400
A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msg_len can lead to resource consum…
CVE-2026-45682
08:00 KSA
MEDIUM CVSS 5.1 CWE-401
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the custom CappedConcurrentHashMap introduced for Java TLS state tracking never removes keys from its insertion-order queue when entries are deleted. In l…
CVE-2026-49138
03:33 KSA
MEDIUM CVSS 5.0 CWE-918
Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the web_fetch tool that allows remote attackers to reach internal or private network hosts by supplying a URL that redirects to a loopback or private address via a 3xx Location header. Attacker…
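Two SSRF entries in this digest share a root cause: blender-mcp hands a user-supplied zip_file_url to requests.get, and Nanobot's web_fetch follows a 3xx Location onto a loopback or private address. Letting the HTTP library follow redirects means only the first URL is ever validated. The Python below is an added illustration, not code from either project: it validates the resolved address of every hop, unwraps IPv4-mapped IPv6, and fakes both DNS and the transport so it runs offline. The hostnames, addresses, function names and responses are constructed.

```python
import ipaddress
from urllib.parse import urlsplit, urljoin

REDIRECT_STATUSES = {301, 302, 303, 307, 308}


def is_forbidden_address(ip_str: str) -> bool:
    """True for loopback, RFC 1918 / ULA, link-local (which covers the 169.254.169.254
    cloud metadata endpoint), multicast, reserved and unspecified addresses.
    IPv4-mapped IPv6 is unwrapped so '::ffff:127.0.0.1' is judged as 127.0.0.1."""
    ip = ipaddress.ip_address(ip_str)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return (ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_multicast
            or ip.is_reserved or ip.is_unspecified or not ip.is_global)


def check_destination(url: str, resolve) -> None:
    """Reject non-http(s) schemes, unresolvable hosts, and any address that is forbidden."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError(f"unsupported URL: {url}")
    ips = resolve(parts.hostname)
    if not ips:
        raise ValueError(f"unresolvable host in {url}")
    for ip_str in ips:
        if is_forbidden_address(ip_str):
            raise ValueError(f"{url} resolves to forbidden address {ip_str}")


def safe_fetch(url: str, transport, resolve, max_redirects: int = 5):
    """Fetch url, re-validating the destination of every redirect hop.

    transport(url) -> (status, headers, body) and must NOT follow redirects itself
    (with requests that means allow_redirects=False); resolve(host) -> list of IP strings.
    """
    for _ in range(max_redirects + 1):
        check_destination(url, resolve)
        status, headers, body = transport(url)
        location = headers.get("Location")
        if status in REDIRECT_STATUSES and location:
            url = urljoin(url, location)   # Location may be relative to the current URL
            continue
        return status, body
    raise ValueError("too many redirects")


# --- constructed stand-ins for DNS and the network so the example runs offline ---
FAKE_DNS = {
    "files.example.org": ["93.184.216.34"],     # constructed 'public' host
    "metadata.internal": ["169.254.169.254"],
}
FAKE_SITE = {
    "https://files.example.org/ok.zip": (200, {}, b"PK\x03\x04"),
    "https://files.example.org/model.zip": (302, {"Location": "http://127.0.0.1:8080/admin"}, b""),
    "https://files.example.org/hop.zip": (307, {"Location": "/ok.zip"}, b""),
}


def fake_resolve(host: str):
    try:
        return [str(ipaddress.ip_address(host))]   # an IP literal resolves to itself
    except ValueError:
        return FAKE_DNS.get(host, [])


def fake_transport(url: str):
    return FAKE_SITE.get(url, (404, {}, b""))


def fetch_or_reason(url: str):
    """Return (status, body) on success or ('blocked', reason) when validation refuses."""
    try:
        return safe_fetch(url, fake_transport, fake_resolve)
    except ValueError as exc:
        return ("blocked", str(exc))


if __name__ == "__main__":
    for u in ("https://files.example.org/ok.zip", "https://files.example.org/hop.zip",
              "https://files.example.org/model.zip", "http://metadata.internal/latest/",
              "http://[::1]/"):
        print(u, "->", fetch_or_reason(u))
```

One caveat: resolving the name here and letting the HTTP client resolve it again when it connects is a time-of-check/time-of-use gap that DNS rebinding can exploit. In production, connect to the address you validated (or validate inside the client's connection hook) rather than the hostname.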
⚠️ Threat Intelligence
39 threats
rss:Dark Reading
03:33 KSA
HIGH malware
DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks
DriveSurge, a malicious traffic distribution system (TDS), is being used in a large-scale operation to hijack thousands of legitimate websites and redirect visitors to malware delivery sites.…
rss:SecurityWeek
02:18 KSA
HIGH vulnerability
Trump Signs Executive Order That Invites Vetting of Top AI Models for National Security Risks
The U.S. federal government has established a vetting framework to assess national security risks posed by advanced AI systems before public release, with a review peri…
rss:Dark Reading
02:18 KSA
HIGH insider
Securing AI Agents Before They Go Rogue Is Next to Impossible
Autonomous AI agents with broad system permissions and unrestricted access present significant cybersecurity risks that organizations struggle to mitigate. The lack of proper security controls and gov…
rss:Dark Reading
02:18 KSA
HIGH apt
China Uses Dual-Method Cyberattack on Czech Orgs
Chinese threat actors are conducting a sophisticated two-stage spear-phishing campaign targeting high-value Czech organizations to steal sensitive data using the Azureveil malware. The attack combines social engin…
rss:The Hacker News
02:18 KSA
CRITICAL vulnerability
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
Google released security patches for 124 vulnerabilities in Android OS for June 2026, including a high-severity flaw (CVE-2025-48595, CVSS 8.4) in the Framework component that is actively …
rss:BleepingComputer
02:18 KSA
CRITICAL ransomware
AI-built ransomware toolkit automates EDR evasion, AD discovery
Threat actors are deploying an AI-powered ransomware toolkit that automates Active Directory reconnaissance and evades endpoint detection and response (EDR) solutions. This advanced attack framework…
rss:Malwarebytes Lab
01:32 KSA
HIGH phishing
These convincing copyright notices are designed to steal Google logins
Scammers are using fake DMCA takedown requests combined with countdown timers and spoofed Google sign-in screens to deceive Chrome developers into revealing their login credentials. This phis…
rss:The Hacker News
01:32 KSA
HIGH vulnerability
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
CISA added CVE-2024-21182, a high-severity vulnerability in Oracle WebLogic Server (CVSS 7.5), to its Known Exploited Vulnerabilities catalog due to confirmed active exploitation in th…
rss:The Hacker News
01:32 KSA
CRITICAL apt
Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
Russian APT group Gamaredon is actively exploiting CVE-2025-8088, a path traversal vulnerability in WinRAR, to deliver multiple malware families including GammaWorm and GammaSteel targ…
rss:CISA Advisories
00:09 KSA
HIGH vulnerability
CISA and Partners Urge Hardening Automatic Tank Gauge Systems
CISA and multiple U.S. federal agencies issued guidance on hardening Automatic Tank Gauge (ATG) systems used in critical infrastructure. The advisory addresses vulnerabilities in these systems that co…
rss:SecurityWeek
23:38 KSA
HIGH vulnerability
Two New Reports Offer Competing Explanations for Cybersecurity’s Growing Crisis
Two new reports present conflicting analyses on the root causes of cybersecurity's escalating crisis, with researchers debating whether inadequate security tools or poor operational …
rss:BleepingComputer
23:38 KSA
HIGH general
Microsoft Exchange Online outage causes email delays, failures
Microsoft Exchange Online experienced a widespread service outage affecting mail flow across North America and Germany, causing email delays and delivery failures. The incident impacted organizations…
rss:BleepingComputer
22:14 KSA
HIGH general
Why the browser is now the front line for AI security
AI-powered attacks and unauthorized AI tool adoption within organizations are creating significant security vulnerabilities through web browsers. Enhanced browser visibility and monitoring are essential for d…
rss:BleepingComputer
22:14 KSA
HIGH account_takeover
Instagram users locked out after Meta AI abused to steal accounts
Attackers exploited Meta's AI-powered support tools to gain unauthorized access to Instagram accounts by impersonating legitimate account owners. The vulnerability in AI-based account recovery mec…
rss:SecurityWeek
21:36 KSA
CRITICAL vulnerability
Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities
Google released an Android security update addressing CVE-2025-48595, a zero-day vulnerability that has been actively exploited in targeted attacks. The update patches this critical vulnerabili…
rss:SecurityWeek
21:36 KSA
CRITICAL vulnerability
Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk
A critical vulnerability in Microsoft Android applications was caused by a single misconfigured development setting that bypassed security protections for account token acces…
rss:Recorded Future
20:16 KSA
CRITICAL apt
Iran Expands Handala Brand to Physical Threats
Iran's Ministry of Intelligence (MOIS) is expanding its Handala brand operations to include hybrid cyber and physical threat campaigns, recruiting proxy actors to conduct coordinated attacks, espionage, and sabotage…
rss:SecurityWeek
20:16 KSA
MEDIUM vulnerability
Anthropic Expanding Mythos Access to 150 New Organizations
Anthropic is expanding access to its Mythos vulnerability detection tool from 50 companies to 150 new organizations. The tool has already identified thousands of vulnerabilities in products, enabling pro…
rss:SecurityWeek
20:16 KSA
CRITICAL vulnerability
Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches
A critical stack-based buffer overflow vulnerability in HP VoIP phones allows remote code execution on affected devices. This vulnerability poses a significant risk to enterprise networ…
rss:SecurityWeek
20:16 KSA
CRITICAL malware
The Zero-Knowledge Threat Actor and the End of Responsible Disclosure
AI-powered tools are enabling threat actors to generate malware, create malicious payloads, bypass security controls, and convert vague malicious intent into functional exploits. This capabili…
rss:BleepingComputer
20:16 KSA
HIGH vulnerability
CISA flags two-year-old Oracle flaw as actively exploited in attacks
CISA has issued an urgent directive to U.S. government agencies to patch a high-severity Oracle WebLogic Server vulnerability that was disclosed two years ago but is now being actively exploite…
rss:SecurityWeek
18:16 KSA
CRITICAL vulnerability
Oracle WebLogic Vulnerability Exploited in the Wild
CVE-2024-21182 is an unauthenticated vulnerability affecting Oracle WebLogic servers that is actively being exploited in the wild. This critical vulnerability allows attackers to compromise affected systems wit…
rss:Dark Reading
18:16 KSA
MEDIUM general
Beyond Assume-Breach: How AI-Native Security Will Reshape Enterprise Defense
This article discusses the evolution of enterprise security beyond traditional assume-breach strategies, focusing on AI-native security approaches that utilize hyper-segmentation and AI…
rss:The Hacker News
18:16 KSA
CRITICAL vulnerability
AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.
AI-powered tools are accelerating vulnerability exploitation timelines, dramatically reducing the window between vulnerability disclosure and weaponization. Organizations fac…
rss:SecurityWeek
17:17 KSA
HIGH account_takeover
Meta AI Hands Over High-Profile Instagram Accounts to Hackers
Hackers exploited a confused deputy vulnerability in Meta's AI system to gain unauthorized access to high-profile Instagram accounts by manipulating the chatbot into linking accounts to attacker-contr…
rss:The Hacker News
17:17 KSA
HIGH general
How Leading Organizations Are Turning EDR Into Operational Resilience
Organizations are increasingly adopting endpoint detection and response (EDR) solutions as traditional endpoint protection proves insufficient against modern threats. EDR enables faster threat…
rss:BleepingComputer
17:17 KSA
CRITICAL vulnerability
Google fixes one actively exploited Android zero-day, 124 flaws
Google released June 2026 Android security patches addressing 124 vulnerabilities, including one actively exploited zero-day flaw used in targeted attacks. This update is critical for Android users …
rss:Malwarebytes Lab
16:33 KSA
CRITICAL data_breach
23andMe exposed genetic information of millions, lawsuit says
A data breach at 23andMe resulted in the exposure of genetic information for nearly seven million users after attackers exploited stolen passwords. This represents a significant privacy violation invo…
rss:Malwarebytes Lab
16:33 KSA
HIGH malware
Fake virus alerts are invading mobile games
Malicious actors are embedding fake virus alerts and account warnings within mobile game advertisements to trick users into downloading malware. This social engineering technique exploits user anxiety about device secu…
rss:SecurityWeek
16:32 KSA
CRITICAL supply_chain
Supply Chain Attack Hits 32 Red Hat NPM Packages
Hackers compromised 32 Red Hat NPM packages by publishing 96 malicious versions containing a credential-stealing worm similar to Mini Shai-Hulud. This supply chain attack poses significant risk to organizations us…
rss:The Hacker News
16:32 KSA
HIGH apt
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
The Pakistan-aligned SideCopy group conducted a spear-phishing campaign targeting Afghanistan's Ministry of Finance using Xeno RAT, an open-source remote access trojan. The attack levera…
rss:SecurityWeek
15:27 KSA
HIGH data_breach
Dashlane Brute-Force Attack Leads to Limited Encrypted Vault Downloads
Dashlane password manager experienced a brute-force attack that resulted in limited unauthorized encrypted vault downloads. The company's security systems automatically locked affected accoun…
rss:SecurityWeek
14:00 KSA
HIGH vulnerability
Oracle’s First Monthly Patches Resolve 77 Vulnerabilities
Oracle released its first monthly Critical Security Patch Update (CSPU) addressing 77 vulnerabilities to accelerate the delivery of critical security fixes. This new patching approach aims to reduce the w…
rss:The Hacker News
12:48 KSA
HIGH brute_force
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
Password manager Dashlane disclosed a brute-force attack where an unknown threat actor downloaded encrypted vaults of fewer than 20 personal subscription users. The attack …
rss:Dark Reading
04:18 KSA
HIGH vulnerability
Microsoft's Zero-Day Legal Threats Spark Backlash
Microsoft has threatened legal action against a security researcher who publicly disclosed multiple zero-day vulnerabilities. The company's aggressive legal stance has generated significant backlash from the…
rss:Dark Reading
04:18 KSA
LOW general
Anthropic to Open Mythos AI to EU's ENISA
Anthropic has granted the European Union's cybersecurity agency ENISA access to Project Glasswing, an AI security initiative. This collaboration represents strengthened bilateral cooperation between the European Com…
rss:BleepingComputer
04:18 KSA
HIGH malware
Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
DriveSurge threat actor is conducting large-scale malware distribution campaigns exploiting compromised websites using ClickFix and FakeUpdates social engineering techniques. This attack metho…
rss:BleepingComputer
04:18 KSA
HIGH data_breach
Spain arrests doxer leaking sensitive data of govt employees
Spanish National Police arrested an individual for leaking sensitive information of government employees from key state organizations including the National Cybersecurity Institute (INCIBE). This data …
rss:BleepingComputer
04:18 KSA
CRITICAL supply_chain
Red Hat npm packages compromised to steal developer credentials
Over 30 npm packages in Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack distributing the Miasma variant of Shai-Hulud credential-stealing malware. This attack …
📰 Cybersecurity News
0 articles
📰 No news aggregated today yet

This digest is updated automatically every day — Last updated: Tuesday, June 2, 2026